Mitigating the risk of catastrophic overfill incidents in processes that contain materials that are flammable or toxic is a top priority for all process industries today. To do this, one needs to first understand the hazards that these types of processes pose, and what can be done to mitigate them.

In last week’s blog post, we discussed how layered protection can minimize risk and how a Hazards Analysis can help determine if a Safety Instrumented Systems (SIS) is required. In this post, we will explain what a Safety Instrumented System (SIS) is – and the types of safety functions that the SIS requires.

Safety Instrumented Systems
The SIS plays a vital role in providing a protective layer around industrial process systems. Its purpose is to take a process to a “safe state” when pre-determined set points are exceeded or when safe operating conditions have been transgressed.

The SIS is comprised of Safety Instrumented Functions (SIFs) with sensors, logic solvers and actuators:

Sensors for signal input and power

Input signal interfacing and processing

Logic solver with power and communications

Output signal processing, interfacing and power

Actuators (valves, switching devices) for final control function

Safety Instrumented Functions
A Safety Instrumented Function (SIF) is a safety function with a specified Safety Integrity Level (SIL) that is implemented by the SIS to achieve or maintain a safe state. A SIF’s sensors, logic solver and final elements act in concert to detect a hazard and bring the process to a safe state.

Here’s an example:

A process vessel sustains a buildup of pressure, which should open a vent valve.

The specific safety hazard is overpressure of the vessel.

When pressure rises above the normal set points, a pressure-sensing instrument detects the increase. Logic (PLC, relay, hard-wired, etc.) then opens a vent valve to return the system to a safe state.

In fact, the increased availability and use of SIL reliability data has allowed the traditional example above to be improved using a High Integrity Process Pressure System (HIPPS) to eliminate even the risk of venting to the environment. When the HIPPS is implemented, the system controls are so thorough and reliable that there is no need to vent, or use a relief valve.

Like the safety features on an automobile, a SIF may operate continuously like a car’s steering, or intermittently like a car’s air bag. A safety function operating in the demand mode is only performed when required in order to transfer the Equipment Under Control (EUC) into a specified state. A safety function operating in continuous mode operates to retain the EUC within its safe state.